CVE-2023-25280

D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. Vendor/Product: D-Link DIR-820 Router. Added to CISA KEV 2024-09-30; required action: The impacted product is end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue utilization of the product.